airavata-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcus Christie (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (AIRAVATA-2223) Support for data sharing disabled
Date Thu, 26 Jan 2017 21:00:28 GMT

    [ https://issues.apache.org/jira/browse/AIRAVATA-2223?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15840443#comment-15840443
] 

Marcus Christie edited comment on AIRAVATA-2223 at 1/26/17 9:00 PM:
--------------------------------------------------------------------

Reopening because [~smarru] found another sharing disabled bug.

As an admin, if you go to the Experiment Statistics page and click on an experiment for which
you aren't the owner, you get an error when the getProject API method is called for that experiment.

One thing that changed for non-sharing API calls is that [the claims map is checked to make
sure that the authenticated user is the same as the project's owner|https://github.com/apache/airavata/blob/0108cb28c5cf704eadcb6be124dfcb8d99963dbc/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java#L773-L772].


What we did for situations like this is add API methods that bypass this check, but only for
users with the admin or admin-read-only roles, see [issue comments on AIRAVATA-2207 for more
details|https://issues.apache.org/jira/browse/AIRAVATA-2207?focusedCommentId=15652144&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-15652144].

So we can do something like that projects as well. However, I'm not sure how useful it would
be. We currently only display the project name for the experiment. Currently even when sharing
is enabled PGA only loads the project when the admin has READ access to it.

For now I can do a quick workaround that only loads the project if sharing is disabled when
the user owns the experiment (since that means the user also owns the project).



was (Author: marcuschristie):
Reopening because [~smarru] found another sharing disabled bug.

As an admin, if you go to the Experiment Statistics page and click on an experiment for which
you aren't the owner, you get an error when the getProject API method is called for that experiment.

One thing that changed for non-sharing API calls is that [the claims map is checked to make
sure that the authenticated user is the same as the project's owner|https://github.com/apache/airavata/blob/0108cb28c5cf704eadcb6be124dfcb8d99963dbc/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java#L773-L772].


What we did for situations like this is add API methods that bypass this check, but only for
users with the admin or admin-read-only roles, see issue comments on AIRAVATA-2207 for more
details|https://issues.apache.org/jira/browse/AIRAVATA-2207?focusedCommentId=15652144&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-15652144].

So we can do something like that projects as well. However, I'm not sure how useful it would
be. We currently only display the project name for the experiment.

For now I can do a quick workaround that only loads the project if sharing is disabled when
the user owns the experiment (since that means the user also owns the project).


> Support for data sharing disabled
> ---------------------------------
>
>                 Key: AIRAVATA-2223
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-2223
>             Project: Airavata
>          Issue Type: Bug
>          Components: PGA PHP Web Gateway
>            Reporter: Marcus Christie
>            Assignee: Marcus Christie
>             Fix For: 0.17
>
>
> Test and fix issues related to data sharing being disabled.
> Known issues
> * (/) Project listing is empty when creating a new experiment even when user has several
projects



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message